Multi-dimensional credentialing using veiled certificates
First Claim
1. A method for creating veiled certificates, the method comprising:
requesting a certificate from a regulator by sending a message with a digital signature of the message signed by an owner, the message comprising the owner's veiled certificate token, the veiled certificate token comprising an encrypted version of the owner's identification data and the owner's public key for the certificate, the message further comprising an identification public key, the message being encrypted using the regulator's external public key;
validating the certificate request by verifying the sender's identity through validation of the digital signature using the owner's external public key and verifying the veiled certificate token has been created properly using the identification public key;
creating a veiled certificate by combining the veiled certificate token, identification public key, and digitally signing the veiled certificate with regulator's private key, wherein the owner's identification information is inaccessible from the veiled certificate, except to the certificate owner;
requesting a certificate from a second regulator by sending a message with a digital signature of the message signed by the owner, the message comprising the owner's veiled certificate token, the veiled certificate token comprising the owner's identification data and the owner's public key for the certificate, the message further comprising the identification public key, the message being encrypted using the second regulator's external public key;
validating the certificate request by verifying the sender's identity through validation of the digital signature using the owner's external public key and verifying the veiled certificate token using the identification public key; and
creating a second veiled certificate by combining the veiled certificate token, identification public key, and digitally signing the second veiled certificate with second regulator's private key, wherein the owner's identification information is inaccessible from the second veiled certificate, except to the owner.
Abstract
In accordance with certain embodiments of the present disclosure, a method for creating a veiled certificate is provided. The method comprises requesting a certificate from a regulator by sending a message with a digital signature of the message signed by the owner. The message comprises an owner's veiled certificate token, the veiled certificate token comprising an encrypted version of the owner's identification data and the owner's identification public key for the certificate. The message further comprises the identification public key, the whole message being encrypted using the regulator's external public key. The certificate request is validated by verifying the sender's identity through validation of the digital signature using the owner's external public key and verifying the veiled certificate token using the individual's external public key. A veiled certificate is created by combining the veiled certificate token, identification public key and digitally signing the veiled certificate with the regulator's private key, wherein the owner's identification information is inaccessible from the veiled certificate, except to the certificate owner.
9 Claims
Specification